Secure ASP.NET Framework session cookie when HTTPS is enabled.

claudiamurialdo · claudiamurialdo · commit dbb87cf4b19b · 2025-11-21T11:55:38.000-03:00
diff --git a/dotnet/src/dotnetframework/GxClasses/Middleware/GXHttpModules.cs b/dotnet/src/dotnetframework/GxClasses/Middleware/GXHttpModules.cs
@@ -241,7 +241,7 @@ public void Init(HttpApplication app)
 
 		private void Session_Start(object sender, EventArgs e)
 		{
-			if (App.Request.GetIsSecureFrontEnd() || App.Request.GetIsSecureConnection() == 1)
+			if (App.Request.GetIsSecureFrontEnd() || App.Request.GetIsSecureConnection() == 1 || Preferences.HttpProtocolSecure())
 			{
 				HttpCookie sessionCookie = RetrieveResponseCookie(App.Response, cookieName);
 

Original file line number	Diff line number	Diff line change
`@@ -241,7 +241,7 @@ public void Init(HttpApplication app)`
`241`	`241`
`242`	`242`	`private void Session_Start(object sender, EventArgs e)`
`243`	`243`	`{`
`244`		`- if (App.Request.GetIsSecureFrontEnd() \|\| App.Request.GetIsSecureConnection() == 1)`
	`244`	`+ if (App.Request.GetIsSecureFrontEnd() \|\| App.Request.GetIsSecureConnection() == 1 \|\| Preferences.HttpProtocolSecure())`
`245`	`245`	`{`
`246`	`246`	`HttpCookie sessionCookie = RetrieveResponseCookie(App.Response, cookieName);`
`247`	`247`